In my “Top 10 Breaches” webinar this past Tuesday I placed the DDoS attack on the Republic of Georgia at number 3. This was for several reasons, which I try to explain in the presentation. Here is a bit more detail:
First of all, the attack was orchestrated under a large, cohesive group. Groups involved in financial attacks usually have to be small (for margins as well as leak prevention) and are only held together long enough to make a profit. However, a nationalist movement has far greater threat potential, as it can spread based on pride alone.
Second, the sophistication of the organization, advance planning, tests, and forum communication show that geography currently does not provide much of an obstacle for talent or resources to stage an attack. Whereas “bot-herder” tests started in the US, the eventual operation against Georgia came from within Russia.
Third, the attacks targeted sources of information such as blogs and news stations. Jose Nazario has just posted an interesting review of this effect. He explains that botnets are increasingly being used as a weapon against dissent and free speech. This expands the concept of a group threat to be much larger than nations and further emphasizes the importance of this type of breach.